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AMENDMENTS TO THE CLAIMS 

1 . (Currently Amended) A method of registering a non-configured network device in a 

telecommxmications network, the method comprising the computer-implemented steps of: 
providin g, using a secure communication channel information identifying a trusted 

device registration service to a first non-configured network packet-routing device 

for use in obtaining a longer-lived symmetric key; 
providing trusted information to the trusted device registration service that certifies that 

the first device is a known device within a security realm; 
authenticating the first device to the trusted device registration service; 
registering the first device in the network at the trusted device registration service, 

wherein the trusted device registration service establishes a longer-lived 

symmetric key and p rovides the first device with athe longer-lived symmetric 

key; 

receiving a message fi"om the first device that requests network services, wherein the 
message fi'om the first device contains the longer- lived symmetric key; 

authenticating the first device based on the longer-lived symmetric key; 

generating and providing a shorter-hved symmetric key to the first device based on 
authenticating the longer-lived symmetric key; 

receiving a request from a second network packet routing device to obtain a session key 
for secure communications between the second device and the first device, 
wherein the second device sends the request in response to receiving a request 
from the first device to obtain a session key on behalf of both the first device and 
the second device; 

authenticating the request from the second device based on authenticating the shorter- 
lived symmetric key of the first device, wherein the request from the second 
device includes the shorter-lived symmetric key of the first device; and 

generating and providing a symmetric session key to the second device for use in 

subsequent secure peer-to-peer communications between the first device and the 
second device, wherein the first device obtains the symmetric session key from 
the second device without communication of the first device to a key management 
service or authoritative authentication service. 



50325-0590 (SeqNo 4700) 



2 



Attorney Docket No. : 50325-0590 (SeqNo. 4700) Patent 



2. (Original) A method as recited in Claim 1, wherein the shorter-lived symmetric key is 
encapsulated in a ticket that includes data identifying a specified lifetime of the shorter- 
lived symmetric key. 

3. (Canceled). 

4. (Original) A method as recited in Claim 1, wherein the subsequent secure 
communications comprise successive symmetric encryption and decryption operations 
using the symmetric session key, and wherein the first device and second device carry out 
the subsequent secure communications without contact with a key management service or 
registration service. 

5. (Canceled). 

6. (Canceled). 

7. (Canceled). 

8. (Currently Amended) A method of distributing cryptographic keys in a network, the 
method comprising the computer-implemented steps of: 

providin g, using a secure communication channel a registration service identifier that 

identifies an administrative entity to a first non-configured network packet routing 
device; 

providing a unique identifier of the first device to the administrative entity; 
associating a device public key with the first device in a secure data repository that is 

accessible by the administrative entity; 
authenticating the first device to the administrative entity based on the device public key 

associated with the first device; 
establishing a longer-hved symmetric key for the first device; 
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authenticating the first device based on receiving the longer-lived symmetric key fi-om 
the first device; 

generating and providing a short-term symmetric key to the first device based on 
authenticating the longer-lived symmetric key; 

receiving a request fi-om a second network packet routing device to obtain a session key 
for secure communications between the second device and the first device, 
wherein the second device sends the request in response to receiving a request 
from the first device to obtain a session key on behalf of both the first device and 
the second device; 

authenticating the request from the second device based on authenticating the shorter- 
lived symmetric key of the first device, wherein the request from the second 
device includes the shorter-lived synmietric key of the first device; and 

generating and providing a symmetric session key to the second device for use in 

subsequent secure peer-to-peer communications between the first device and the 
second device, wherein the first device obtains the symmetric session key from 
the second device without communication of the first device to a key management 
service or authoritative authentication service. 

9. (Previously Presented) A method as recited in Claim 8, wherein the step of associating a 
device public key with the first device in the secure data repository comprises the steps of 
generating a public key pair comprising a device public key and a device private key and 
storing the device public key in a database or directory that is accessible to the 
administrative entity. 

10. (Previously Presented) A method as recited in Claim 8, wherein the step of associating a 
device public key with the first device in the secure data repository comprises the steps of 
generating a public key pair comprising a device public key and a device private key and 
registering the device pubhc key with a certification authority that is accessible to the 
administrative entity. 

11. (Canceled). 
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12. (Canceled). 

13. (Previously Presented) A method as recited in Claim 8, wherein providing a unique 
identifier of the first device to the administrative entity comprises the steps of creating 
and storing an association of a unique identifier of the first device and the device pubUc 
key in a secure database that is accessible to the administrative entity. 

14. (Original) A method as recited in Claim 9, wherein establishing a longer-lived 
symmetric key comprises the steps of: 

generating the longer-lived symmetric key; 

encrypting the longer-lived symmetric key using the device public key; 
encapsulating the encrypted longer-lived symmetric key in a device registration ticket; 
and 

sending the device registration ticket to the device. 

15. (Original) A method as recited in Claim 14, wherein encapsulating the encrypted key 
comprises encapsulating the encrypted longer-Uved symmetric key with policy 
information in the device registration ticket, wherein the policy information defines a 
validity interval of the encrypted longer-lived symmetric key. 

16. (Original) A method as recited in Claim 8, wherein generating and providing a short- 
term symmetric key to the first device includes the steps of encapsulating the short-term 
symmetric key in a short-term ticket granting ticket with associated policy information. 

17. (Previously Presented) A method as recited in Claim 8, wherein the step of receiving a 
request firom a second device to obtain a session key for secure communications among 
the second device and the first device comprises the steps of: 

receiving a first short-term ticket granting ticket that includes the short-term symmetric 
key of the first device; 
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receiving a second short-term ticket granting ticket that includes the short-term 

symmetric key of the second device; 
decrypting the first and second short-term ticket granting tickets based on respective first 

and second shared secret keys; 
authenticating the short-term symmetric keys of the first device and second device based 

on the respective first and second shared secret keys; and 
generating and providing a symmetric session key to the second device for use in 

subsequent secure peer-to-peer communications between the first device and the 

second device without communication of the first device to a key management 

service or authoritative authentication service. 

18. (Currently Amended) A method of establishing secure cryptographic peer-to-peer 
communication between a first network packet routing device and a second network 
packet routing device in a network, the method comprising the computer-implemented 
steps of: 

providing a unique identifier of the first device to an administrative entity and receiving; 

in response, through a secure communication channel a registration service 

identifier that identifies an administrative entity to the first device; 
creating and storing a device public key associated with the first device in a secure data 

repository that is accessible by the administrative entity; 
authenticating the first device to the administrative entity by sending a message fi^om the 

first device to the administrative entity that is encrypted using the device public 

key; 

receiving a longer-lived symmetric key for the first device; 

authenticating the first device to a key management server using the longer-lived 

symmetric key of the first device; 
receiving a short-term symmetric key fi-om the key management server, based on 

authenticating the longer-lived symmetric key; 
generating a request to a second device to obtain a session key for secure 

communications among the second device and the first device, based on 

authenticating the short-term symmetric key, wherein the request includes the 

short-term symmetric key of the first device; and 
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receiving a symmetric session key from the second device for use in subsequent secure 
peer-to-peer communications between the first device and the second device 
without communication of the first device to a key management service or 
authoritative authentication servicet. 

19. (Previously Presented) A method as recited in Claim 18, wherein the steps of creating 
and storing a device public key associated with the first device in a secure data repository 
comprises the steps of generating a public key pair comprising a device pubUc key and a 
device private key and storing the device public key in a database or directory that is 
accessible to the administrative entity. 

20. (Previously Presented) A method as recited in Claim 18, wherein the steps of creating 
and storing a device public key associated with the first device in a secure data repository 
comprises the steps of generating a public key pair comprising a device pubHc key and a 
device private key and registering the device public key with a certification authority that 
is accessible to the administrative entity. 

21. (Canceled.) 

22. (Canceled.) 

23. (Previously Presented) A method as recited in Claim 18, wherein providing information 
to a registration service that the first device is a certified device comprises the steps of 
creating and storing an association of a unique identifier of the first device and the device 
public key in a secure database that is accessible to the registration service, and providing 
the unique identifier from the first device to the registration service. 

24. (Original) A method as recited in Claim 19, wherein receiving a longer-lived symmetric 
key comprises the steps of receiving a device registration ticket that comprises the 
longer-lived symmetric key encrypted using the device public key. 
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25. (Original) A method as recited in Claim 24, wherein the encrypted longer- lived 
symmetric key is encapsulated in the device registration ticket with policy information 
that defines a validity interval of the encrypted longer-lived symmetric key. 

26. (Original) A method as recited in Claim 18, wherein receiving the short-term symmetric 
key comprises the steps of receiving the short-term symmetric key in a short-term ticket 
granting ticket with associated policy information. 

27. (Original) A method as recited in Claim 18, wherein the step of generating a request 
from a second device to obtain a session key for secure communications among the 
second device and the first device comprises the steps of generating a first short-term 
ticket granting ticket that includes the short-term symmetric key of the first device. 

28. (Original) A method as recited in Claim 18, wherein the step of receiving a symmetric 
session key from the second device for use in subsequent secure peer-to-peer 
communications between the first device and the second device comprises receiving a 
shared service ticket that contains the symmetric session key. 

29. (Original) A method as recited in Claim 28, fiirther comprising the steps of: 
generating an initial request for peer-to-peer secure communication, wherein the initial 

request is directed to the second device and includes the shared service ticket; 
authenticating the second device based on the symmetric session key in the shared 
service ticket; 

conmiunicating one or more messages to the second device using the symmetric session 
key to encrypt or decrypt the messages. 

30. (Currently Amended) A computer-readable medium carrying one or more sequences of 
instructions for distributing cryptographic keys in a network, which instructions, when 
executed by one or more processors, cause the one or more processors to carry out the 
steps of: 
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providin g, using a secure communication channeL a registration service identifier that 

identifies an administrative entity to a first non-configured network packet routing 
device; 

providing a unique identifier of the first device to the administrative entity; 
associating a device public key with the first device in a secure data repository that is 

accessible by the administrative entity; 
authenticating the first device to the administrative entity based on the device public key 

associated with the first device; 
establishing a longer-lived symmetric key for the first device; 
authenticating the first device based on receiving the longer-lived symmetric key fi-om 

the first device; 

generating and providing a short-term symmetric key to the first device based on 
authenticating the longer-lived symmetric key; 

receiving a request from a second network packet routing device to obtain a session key 
for secure communications between the second device and the first device, 
wherein the second device sends the request in response to receiving a request 
from the first device to obtain a session key on behalf of both the first device and 
the second device; 

authenticating the request from the second device based on authenticating the shorter- 
lived symmetric key of the first device, wherein the request from the second 
device includes the shorter-lived symmetric key of the first device; and 

generating and providing a symmetric session key to the second device for use in 

subsequent secure peer-to-peer communications between the first device and the 
second device without communication of the first device to a key management 
service or authoritative authentication service. 



3 1 . (Cxurently Amended) An apparatus for distributing cryptographic keys in a network, 
comprising: 

means for providin g, using a secure communication channeL a registration service 

identifier that identifies an administrative entity to a first non-configured network 
packet routing device; 
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means for providing a unique identifier of the first device to the administrative entity; 

means for associating a device public key with the first device in a secure data repository 
that is accessible by the administrative entity; 

means for authenticating the first device to the administrative entity based on the device 
public key associated with the first device; 

means for establishing a longer-lived symmetric key for the first device; 

means for authenticating the first device based on receiving the longer-lived symmetric 
key fi-om the first device; 

means for generating and providing a short-term symmetric key to the first device based 
on authenticating the longer-lived symmetric key; 

means for receiving a request firom a second network packet routing device to obtain a 
session key for secure communications between the second device and the first 
device, wherein the second device sends the request in response to receiving a 
request fi*om the first device to obtain a session key on behalf of both the first 
device and the second device; 

means for authenticating the request fi-om the second device based on authenticating the 
shorter-lived symmetric key of the first device, wherein the request fi*om the 
second device includes the shorter-lived symmetric key of the first device; and 

means for generating and providing a symmetric session key to the second device for use 
in subsequent secure peer-to-peer communications between the first device and 
the second device, wherein the first device obtains the symmetric session key 
fi"om the second device without communication of the first device to a key 
management service or authoritative authentication service. 

32. (Currently Amended) An apparatus for distributing cryptographic keys in a data 
network, comprising: 

a network interface that is coupled to the data network for receiving one or more packet 
flows therefi*om; 
a processor; 

one or more stored sequences of instructions which, when executed by the processor, 
cause the processor to carry out the steps of: 
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providin g, using a secure communication channel, a registration service identifier that 

identifies an administrative entity to a first non-configured network packet routing 
device; 

providing a unique identifier of the first device to the administrative entity; 
associating a device public key with the first device in a secure data repository that is 

accessible by the administrative entity; 
authenticating the first device to the administrative entity based on the device public key 

associated with the first device; 
establishing a longer-lived symmetric key for the first device; 
authenticating the first device based on receiving the longer-lived symmetric key firom 

the first device; 

generating and providing a short-term synunetric key to the first device based on 
authenticating the longer-lived symmetric key; 

receiving a request fi-om a second network packet routing device to obtain a session key 
for secure communications between the second device and the first device, 
wherein the second device sends the request in response to receiving a request 
firom the first device to obtain a session key on behalf of both the first device and 
the second device; 

authenticating the request fi'om the second device based on authenticating the shorter- 
lived symmetric key of the first device, wherein the request fi-om the second 
device includes the shorter-lived symmetric key of the first device; and 

generating and providing a symmetric session key to the second device for use in 

subsequent secure peer-to-peer communications between the first device and the 
second device, wherein the first device obtains the symmetric session key fi'om 
the second device without communication of the first device to a key management 
service or authoritative authentication service. 



33. (New) An apparatus as recited in Claim 3 1 , wherein the shorter-lived symmetric key is 
encapsulated in a ticket that includes data identifying a specified lifetime of the shorter- 
lived symmetric key. 
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34. (New) An apparatus as recited in Claim 31, wherein the subsequent secure 
communications comprise successive symmetric encryption and decryption operations 
using the symmetric session key, and wherein the first device and second device carry out 
the subsequent secure communications without contact with a key management service or 
registration service. 

35. (New) An apparatus as recited in Claim 32, wherein the shorter-lived symmetric key is 
encapsulated in a ticket that includes data identifying a specified lifetime of the shorter- 
lived symmetric key. 

36. (New) An apparatus as recited in Claim 32, wherein the subsequent secure 
communications comprise successive symmetric encryption and decryption operations 
using the symmetric session key, and wherein the first device and second device carry out 
the subsequent secure commxmications without contact with a key management service or 
registration service. 



